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Abstract 
This document defines a portion of the Management Information Base 
(MIB) for use with network management protocols in the Internet 
community. In particular, it describes managed objects for modeling 
the Bidirectional Forwarding Detection (BFD) protocol. 
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1. Introduction 


This memo defines a portion of the MIB for use with network 
management protocols in the Internet community. In particular, it 
describes managed objects to configure and/or monitor Bidirectional 
Forwarding Detection for [RFC5880], [RFC5881], [RFC5883], and 
[RFC7130], BFD versions 0 and/or 1, on devices supporting this 
feature. 


This memo does not define a compliance requirement for a system that 
only implements BFD version 0. This is a reflection of a considered 
and deliberate decision by the BFD WG because the BFD version 0 
protocol is primarily of historical interest by comparison to the 
widespread deployment of the BFD version 1 protocol. 


2. The Internet-Standard Management Framework 


For a detailed overview of the documents that describe the current 
Internet-Standard Management Framework, please refer to section 7 of 
RFC 3410 [RFC3410]. 


Managed objects are accessed via a virtual information store, termed 
the Management Information Base or MIB. MIB objects are generally 
accessed through the Simple Network Management Protocol (SNMP). 
Objects in the MIB are defined using the mechanisms defined in the 
Structure of Management Information (SMI). This memo specifies a MIB 
module that is compliant to the SMIv2, which is described in STD 58, 
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RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 
[RFC2580]. 


As with all MIB modules, an attempt to SET or CREATE an object toa 
value that is not supported by the implementation will result ina 
failure using a return code that indicates that the value is not 
supported. 


3. Terminology 


This document adopts the definitions, acronyms, and mechanisms 
described in [RFC5880], [RFC5881], [RFC5883], and [RFC7130]. Unless 
otherwise stated, the mechanisms described therein will not be 
redescribed here. 


The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 
"OPTIONAL" in this document are to be interpreted as described in BCP 
14, RFC 2119 [RFC2119]. 


4. Brief Description of MIB Objects 


This section describes objects pertaining to BFD. The MIB objects 
are derived from [RFC5880], [RFC5881], [RFC5883], and [RFC7130], and 
also include textual conventions defined in [RFC7330]. 


4.1. General Variables 


The General Variables are used to identify parameters that are global 
to the BFD process. 


4.2. Session Table (bfdSessionTable) 


The session table is used to identify a BFD session between a pair of 
nodes. 


4.3. Session Performance Table (bfdSessionPerfTable) 
The session performance table is used for collecting BFD performance 


counters on a per-session basis. This table is an AUGMENT to the 
bfdSessionTable. 


4.4. BFD Session Discriminator Mapping Table (bfdSessDiscMapTable) 
The BFD Session Discriminator Mapping Table provides a mapping 


between a local discriminator value to the associated BFD session 
found in the bfdSessionTable. 
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4.5. BFD Session IP Mapping Table (bfdSessIpMapTable) 
Given bfdSessInterface, bfdSessSrcAddrType, bfdSessSrcAddr, 


bfdSessDstAddrType, 


and bfdSessSrcAddrType, 


the BFD Session IP 


Mapping Table maps to an associated BFD session found in the 


bfdSessionTable. 
are of type "IP". 


This table SHOULD contain those BFD sessions that 


5. BFD MIB Module Definitions 
This MIB module makes references to the following documents: 
[RFC2578], [RFC2579], [RFC2580], [RFC2863], [RFC3289], [RFC3413], 
[RFC5082], [RFC5880], and [RFC5881]. 
BFD-STD-MIB DEFINITIONS = BEGIN 
IMPORTS 
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, 
mib-2, Integer32, Unsigned32, Counter32, Counter64 
FROM SNMPv2-SMI —- RFC 2578 
TruthValue, RowStatus, StorageType, TimeStamp 
FROM SNMPv2-TC -—- RFC 2579 
MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP 
FROM SNMPv2-CONF —- RFC 2580 
InterfaceIndexOrZero 
FROM IF-MIB -—- RFC 2863 
InetAddress, InetAddressType, InetPortNumber 
FROM INET-ADDRESS-MIB 
IndexIntegerNextFree 
FROM DIFFSERV-MIB —- RFC 3289 


BfdSessIndexTC, BfdIntervalTC, BfdMultiplierTC, 
BfdCtrlDestPortNumberTC, BfdCtrlSourcePortNumberTC 


FROM BFD-TC-STD-MIB 


TANAbfdDiagTC, 

IANAbfdSessStateTC, 

TANAbfdSessAuthenticationkeyTC 
FROM IANA-BFD-TC-STD-MIB; 
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IANAbfdSessTypeTC, 
TANAbfdSessAuthenticationTypeTC, 


Standards Track 


IANAbfdSessOperModeTC, 
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bf£dMIB MODULE-IDENTITY 
LAST-UPDATED "2014081200002" -- 12 August 2014 00:00:00 GMT 
ORGANIZATION "IETF Bidirectional Forwarding Detection 
Working Group" 
CONTACT-INFO 
"Thomas D. Nadeau 
Brocade 
Email: tnadeau@lucidvision.com 


Zafar Ali 
Cisco Systems, Inc. 
Email: zali@cisco.com 


Nobo Akiya 
Cisco Systems, Inc. 
Email: nobo@cisco.com 


Comments about this document should be emailed 
directly to the BFD Working Group mailing list 
at rtg-bfd@ietf.org" 
DESCRIPTION 
"Bidirectional Forwarding Management Information Base. 


Copyright (c) 2014 IETF Trust and the persons identified 
as authors of the code. All rights reserved. 


Redistribution and use in source and binary forms, with 
or without modification, is permitted pursuant to, and 
subject to the license terms contained in, the Simplified 
BSD License set forth in Section 4.c of the IETF Trust’s 
Legal Provisions Relating to IETF Documents 
(http://trustee.ietf.org/license-info) ." 
REVISION "2014081200002" -- 12 August 2014 00:00:00 GMT 
DESCRIPTION 
"Initial version. Published as RFC 7331." 
::= { mib-2 222 } 


-- Top-level components of this MIB module. 


bfdNotifications OBJECT IDENTIFIER ::= { bfdMIB O } 
bfdObjects OBJECT IDENTIFIER ::= { bfdMIB 1 } 
bfdConformance OBJECT IDENTIFIER ::= { bfdMIB 2 } 
bfdScalarObjects OBJECT IDENTIFIER ::= { bfdObjects 1 } 
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—- BFD General Variables 
-- These parameters apply globally to the system’s 
-- BFD process. 


bfdAdminStatus OBJECT-TYPE 
SYNTAX INTEGER { 
enabled(1), 
disabled(2), 
adminDown (3), 
down (4) 
} 
MAX-ACCESS read-write 
STATUS current 
DESCRIPTION 
"The desired global administrative status of the 
BFD system in this device." 
::= { bfdScalarObjects 1 } 


bfdOperStatus OBJECT-TYPE 
SYNTAX INTEGER { 
up (1), 
down (2), 
adminDown (3) 
} 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 
"Indicates the actual operational status of the 
BFD system in this device. When this value is 
down (2), all entries in the bfdSessTable MUST have 
their bfdSessOperStatus as down(2) as well. When 
this value is adminDown (3), all entries in the 
bfdSessTable MUST have their bfdSessOperStatus 
as adminDown(3) as well." 
::= { bfdScalarObjects 2 } 


bfdNotificationsEnable OBJECT-TYPE 

SYNTAX TruthValue 

MAX-ACCESS read-write 

STATUS current 

DESCRIPTION 
"If this object is set to true(1), then it enables 
the emission of bfdSessUp and bfdSessDown 
notifications; otherwise, these notifications are not 
emitted." 
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REFERENCE 
"See also RFC 3413, Simple Network Management Protocol (SNMP) 
Applications, for explanation that 
notifications are under the ultimate control of the 
MIB modules in this document." 
DEFVAL { false } 
:= { bfdScalarObjects 3 } 


bfdSessIndexNext OBJECT-TYPE 


SYNTAX IndexIntegerNextFree (0..4294967295) 
MAX-ACCESS read-only 

STATUS current 

DESCRIPTION 


"This object contains an unused value for 
bfdSessIndex that can be used when creating 
entries in the table. A zero indicates that 
no entries are available, but it MUST NOT be used 
as a valid index. " 

::= { bfdScalarObjects 4 } 


—- BFD Session Table 
-—- The BFD Session Table specifies BFD session-specific 
—- information. 


bfdSessTable OBJECT-TYPE 


SYNTAX SEQUENCE OF BfdSessEntry 
MAX-ACCESS not-accessible 
STATUS current 
DESCRIPTION 
"The BFD Session Table describes the BFD sessions." 
REFERENCE 


"RFC 5880, Bidirectional Forwarding Detection (BFD)." 
::= { bfdObjects 2 } 


bfdSessEntry OBJECT-TYPE 
SYNTAX BfdSessEntry 
MAX-ACCESS not-accessible 
STATUS current 
DESCRIPTION 
"The BFD Session Entry describes the BFD session." 
INDEX { bfdSessIndex } 
::= { bfdSessTable 1 } 


BfdSessEntry ::= SEQUENCE { 
bfdSessIndex BfdSessIndexTC, 
bfdSessVersionNumber Unsigned32, 
bfdSessType IANAbfdSessTypeTC, 
bfdSessDiscriminator Unsigned32, 
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} 


bfdSessRemoteDiscr 
bfdSessDestinationUdpPort 
bfdSessSourceUdpPort 
bfdSessEchoSourceUdpPort 
bfdSessAdminStatus 
bfdSessOperStatus 
bfdSessState 
bfdSessRemoteHeardFlag 
bfdSessDiag 
bfdSessOperMode 
bfdSessDemandModeDesiredFlag 
bfdSessControlPlaneIndepFlag 
bfdSessMultipointFlag 
bfdSessInterface 
bfdSessSrcAddrType 
bfdSessSrcAddr 
bfdSessDstAddrType 
bfdSessDstAddr 

bfdSessGISM 

bfdSessGTSMTTL 
bfdSessDesiredMinTxInterval 
bfdSessReqMinRxInterval 
bfdSessReqMinEchoRxInterval 
bfdSessDetectMult 
bfdSessNegotiatedInterval 
bfdSessNegotiatedEchoInterval 
bfdSessNegotiatedDetectMult 
bfdSessAuthPresFlag 
bfdSessAuthenticationType 
bfdSessAuthenticationKkKeyID 
bfdSessAuthenticationKkey 
bfdSessStorageType 
bfdSessRowStatus 


bfdSessIndex OBJECT-TYPE 


Nadeau, 


SYNTAX BfdSessIndexTC 
MAX-ACCESS not-accessible 
STATUS current 
DESCRIPTION 


BFD-STD-MIB 


Unsigned32, 
BfdCtrlDestPortNumberTC, 
BfdCtrlSourcePortNumberTC, 
InetPortNumber, 

INTEGER, 

INTEGER, 
IANAbfdSessStateTC, 
TruthValue, 
TANAbfdDiagTC, 
IANAbfdSessOperModeTC, 
TruthValue, 

TruthValue, 

TruthValue, 
InterfaceIndexOrZero, 
InetAddressType, 
InetAddress, 
InetAddressType, 
InetAddress, 

TruthValue, 

Unsigned32, 
BfdIntervalTC, 
BfdIntervalTC, 
BfdIntervalTC, 
BfdMultiplierTc, 
BfdIntervalTC, 
BfdIntervalTC, 
BfdMultiplierTc, 
TruthValue, 
TANAbfdSessAuthenticationTypeTC, 
Integer32, 
TANAbfdSessAuthenticationKkeyTC, 
StorageType, 

RowStatus 


"This object contains an index used to represent a 


unique BFD session on this device. 


Managers 


should obtain new values for row creation in this 
table by reading bfdSessIndexNext." 


:= { bfdSessEntry 1 } 


et al. 
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bfdSessVersionNumber OBJECT-TYPE 

SYNTAX Unsigned32 (0..7) 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"The version number of the BFD protocol that this session 
is running in. Write access is available for this object 
to provide the ability to set the desired version for this 
BFD session." 

REFERENCE 
"RFC 5880, Bidirectional Forwarding Detection (BFD)." 

DEFVAL { 1 } 

::= { bfdSessEntry 2 } 


bfdSessType OBJECT-TYPE 
SYNTAX IANAbfdSessTypeTC 
MAX-ACCESS read-create 
STATUS current 
DESCRIPTION 
"This object specifies the type of this BFD session." 
::= { bfdSessEntry 3 } 


bfdSessDiscriminator OBJECT-TYPE 

SYNTAX Unsigned32 (1..4294967295) 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"This object specifies the local discriminator for this BFD 
session, which is used to uniquely identify it." 

:= { bfdSessEntry 4 } 


bfdSessRemoteDiscr OBJECT-TYPE 


SYNTAX Unsigned32 (0 | 1..4294967295) 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 
"This object specifies the session discriminator chosen 
by the remote system for this BFD session. The value may 


be zero(0) if the remote discriminator is not yet known 
or if the session is in the down or adminDown(1) state." 
REFERENCE 
"Section 6.8.6 of RFC 5880, Bidirectional 
Forwarding Detection (BFD)." 
:= { bfdSessEntry 5 } 
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bfdSessDestinationUdpPort OBJECT-TYPE 

SYNTAX BfdCctrlDestPortNumberTC 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"This object specifies the destination UDP port number 
used for this BFD session’s Control packets. The value 
may be zero(0) if the session is in adminDown(1) state." 

DEFVAL { 0 } 

::= { bfdSessEntry 6 } 


bfdSessSourceUdpPort OBJECT-TYPE 


SYNTAX BfdctrlSourcePortNumberTC 
MAX-ACCESS read-create 
STATUS current 
DESCRIPTION 
"This object specifies the source UDP port number used 
for this BFD session’s Control packets. The value may be 


zero(0) if the session is in adminDown (1) state. Upon 
creation of a new BFD session via this MIB, the value of 
zero(0) specified would permit the implementation to 
choose its own source port number." 

DEFVAL { 0 } 

::= { bfdSessEntry 7 } 


bfdSessEchoSourceUdpPort OBJECT-TYPE 


SYNTAX InetPortNumber 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"This object specifies the source UDP port number used for 
this BFD session’s Echo packets. The value may be zero(0) 
if the session is not running in the Echo mode, or the 
session is in adminDown(1) state. Upon creation of a new 


BFD session via this MIB, the value of zero(0) would 
permit the implementation to choose its own source port 
number." 

DEFVAL { 0 } 

::= { bfdSessEntry 8 } 


bfdSessAdminStatus OBJECT-TYPE 
SYNTAX INTEGER { 
enabled (1) 
disabled (2 
adminDown ( 
down (4) 


y 
3), 


} 
MAX-ACCESS read-create 
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STATUS current 
DESCRIPTION 
"Denotes the desired operational status of the BFD session. 


A transition to enabled(1) will start the BFD state machine 
for the session. The state machine will have an initial 
state of down(2). 


A transition to disabled(2) will stop the BFD state machine 
for the session. The state machine may first transition to 
adminDown(1) prior to stopping. 


A transition to adminDown(3) will cause the BFD state 
machine to transition to adminDown(1) and will cause the 
session to remain in this state. 


A transition to down(4) will cause the BFD state machine 
to transition to down(2) and will cause the session to 
remain in this state. 


Care should be used in providing write access to this 
object without adequate authentication." 
::= { bfdSessEntry 9 } 


bfdSessOperStatus OBJECT-TYPE 
SYNTAX INTEGER { 
up (1), 
down (2), 
adminDown (3) 
} 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 
"Denotes the actual operational status of the BFD session. 
If the value of bfdOperStatus is down(2), this value MUST 
eventually be down(2) as well. If the value of 
bfdOperStatus is adminDown(3), this value MUST eventually 
be adminDown (3) as well." 
::= { bfdSessEntry 10 } 


bfdSessState OBJECT-TYPE 
SYNTAX IANAbfdSessStateTC 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 
"Configured BFD session state." 
::= { bfdSessEntry 11 } 
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bfdSessRemoteHeardFlag OBJECT-TYPE 

SYNTAX TruthValue 

MAX-ACCESS read-only 

STATUS current 

DESCRIPTION 
"This object specifies the status of BFD packet reception from 
the remote system. Specifically, it is set to true(1) if 
the local system is actively receiving BFD packets from the 
remote system and is set to false(2) if the local system 
has not received BFD packets recently (within the detection 
time) or if the local system is attempting to tear down 
the BFD session." 

REFERENCE 
"RFC 5880, Bidirectional Forwarding Detection (BFD)." 

:= { bfdSessEntry 12 } 


bfdSessDiag OBJECT-TYPE 

SYNTAX TANAbfdDiagTC 

MAX-ACCESS read-only 

STATUS current 

DESCRIPTION 
"A diagnostic code specifying the local system’s reason 
for the last transition of the session from up (4) 
to some other state." 

::= { bfdSessEntry 13 } 


bfdSessOperMode OBJECT-TYPE 

SYNTAX IANAbfdSessOperModeTC 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"This object specifies the operational mode of this 
BFD session." 

::= { bfdSessEntry 14 } 


bfdSessDemandModeDesiredFlag OBJECT-TYPE 

SYNTAX TruthValue 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"This object indicates the local system’s 
desire to use Demand mode. Specifically, it is set 
to true(1) if the local system wishes to use 
Demand mode or false(2) if not." 

DEFVAL { false } 

::= { bfdSessEntry 15 } 
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bfdSessControlPlaneIndepFlag OBJECT-TYPE 

SYNTAX TruthValue 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"This object indicates the local system’s 
ability to continue to function through a disruption of 
the control plane. Specifically, it is set 
to true(1) if the local system BFD implementation is 
independent of the control plane. Otherwise, the 
value is set to false(2)." 

DEFVAL { false } 

::= { bfdSessEntry 16 } 


bfdSessMultipointFlag OBJECT-TYPE 

SYNTAX TruthValue 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"This object indicates the Multipoint (M) bit for this 
session. It is set to true(1) if the Multipoint (M) bit is 
set to 1. Otherwise, the value is set to false(2)." 

DEFVAL { false } 

::= { bfdSessEntry 17 } 


bfdSessInterface OBJECT-TYPE 

SYNTAX InterfaceIndexOrZero 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"This object contains an interface index used to indicate 
the interface that this BFD session is running on. This 
value can be zero if there is no interface associated 
with this BFD session." 

::= { bfdSessEntry 18 } 


bfdSessSrcAddrType OBJECT-TYPE 

SYNTAX InetAddressType 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"This object specifies the IP address type of the source IP 
address of this BFD session. The value of unknown(0) is 
allowed only when the session is singleHop(1) and the 
source IP address of this BFD session is derived from 
the outgoing interface, or when the BFD session is not 
associated with a specific interface. If any other 
unsupported values are attempted in a set operation, the 
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agent MUST return an inconsistentValue error." 
::= { bfdSessEntry 19 } 


bfdSessSrcAddr OBJECT-TYPE 

SYNTAX InetAddress 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"This object specifies the source IP address of this BFD 
session. The format of this object is controlled by the 
bfdSessSrcAddrType object." 

::= { bfdSessEntry 20 } 


bfdSessDstAddrType OBJECT-TYPE 

SYNTAX InetAddressType 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"This object specifies the IP address type of the neighboring 
IP address that is being monitored with this BFD session. 
The value of unknown(0) is allowed only when the session is 
singleHop(1) and the outgoing interface is of type 
point to point, or when the BFD session is not associated 
with a specific interface. If any other unsupported values 
are attempted in a set operation, the agent MUST return an 
inconsistentValue error." 

::= { bfdSessEntry 21 } 


bfdSessDstAddr OBJECT-TYPE 

SYNTAX InetAddress 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"This object specifies the neighboring IP address that is 
being monitored with this BFD session. The format of this 
object is controlled by the bfdSessDstAddrType object." 

:= { bfdSessEntry 22 } 


bfdSessGTSM OBJECT-TYPE 

SYNTAX TruthValue 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"Setting the value of this object to false(2) will disable 
GTSM protection of the BFD session. GTSM MUST be enabled 
on a singleHop(1) session if no authentication is in use." 
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REFERENCE 
"RFC 5082, The Generalized TTL Security Mechanism (GTSM). 
Section 5 of RFC 5881, Bidirectional Forwarding Detection 
(BFD) for IPv4 and IPv6 (Single Hop)." 
DEFVAL { true } 
::= { bfdSessEntry 23 } 


bfdSessGTSMTTL OBJECT-TYPE 
SYNTAX Unsigned32 (0..255) 
MAX-ACCESS read-create 
STATUS current 
DESCRIPTION 
"This object is valid only when bfdSessGTSM protection is 
enabled on the system. This object indicates the minimum 


2014 


allowed Time to Live (TTL) for received BFD Control packets. 


For a singleHop(1) session, if GTSM protection is enabled, 
this object SHOULD be set to the maximum TTL value allowed 


for a single hop. 


By default, GISM is enabled and the TTL value is 255. Fora 
multihop session, updating of the maximum TTL value allowed 


is likely required." 
REFERENCE 
"RFC 5082, The Generalized TTL Security Mechanism (GTSM). 
Section 5 of RFC 5881, Bidirectional Forwarding Detection 
(BFD) for IPv4 and IPv6 (Single Hop)." 
DEFVAL { 255 } 
::= { bfdSessEntry 24 } 


bfdSessDesiredMinTxInterval OBJECT-TYPE 
SYNTAX BfdIntervalTC 
MAX-ACCESS read-create 
STATUS current 
DESCRIPTION 
"This object specifies the minimum interval, in 
microseconds, that the local system would like to use 


when transmitting BFD Control packets. The value of 
zero(0) is reserved in this case and should not be 
used." 

REFERENCE 


"Section 4.1 of RFC 5880, Bidirectional Forwarding 
Detection (BFD)." 
::= { bfdSessEntry 25 } 


bfdSessReqMinRxInterval OBJECT-TYPE 


SYNTAX BfdIntervalTC 
MAX-ACCESS read-create 
STATUS current 
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DESCRIPTION 
"This object specifies the minimum interval, in 
microseconds, between received BFD Control packets the 
local system is capable of supporting. The value of 
zero(0) can be specified when the transmitting system 
does not want the remote system to send any periodic BFD 
Control packets." 

REFERENCE 
"Section 4.1 of RFC 5880, Bidirectional Forwarding 
Detection (BFD)." 

::= { bfdSessEntry 26 } 


bfdSessReqMinEchoRxInterval OBJECT-TYPE 

SYNTAX BfdIntervalTC 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"This object specifies the minimum interval, in 
microseconds, between received BFD Echo packets that this 
system is capable of supporting. The value must be zero(0) 
this is a multihop BFD session." 

:= { bfdSessEntry 27 } 


bfdSessDetectMult OBJECT-TYPE 
SYNTAX BfdMultiplierTc 
MAX-ACCESS read-create 
STATUS current 
DESCRIPTION 
"This object specifies the Detect time multiplier." 
:= { bfdSessEntry 28 } 


bfdSessNegotiatedInterval OBJECT-TYPE 

SYNTAX BfdIntervalTC 

MAX-ACCESS read-only 

STATUS current 

DESCRIPTION 
"This object specifies the negotiated interval, in 
microseconds, that the local system is transmitting 
BFD Control packets." 

::= { bfdSessEntry 29 } 


bfdSessNegotiatedEchoInterval OBJECT-TYPE 
SYNTAX BfdIntervalTCc 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 
"This object specifies the negotiated interval, in 
microseconds, that the local system is transmitting 


if 
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BFD Echo packets. The value is expected to be zero if 
the sessions are not running in Echo mode." 
::= { bfdSessEntry 30 } 


bfdSessNegotiatedDetectMult OBJECT-TYPE 
SYNTAX BfdMultiplierTc 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 
"This object specifies the Detect time multiplier." 
::= { bfdSessEntry 31 } 


bfdSessAuthPresFlag OBJECT-TYPE 

SYNTAX TruthValue 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"This object indicates the local system’s 
desire to use authentication. Specifically, it is set 
to true(1) if the local system wishes the session 
to be authenticated or false(2) if not." 

REFERENCE 
"Sections 4.2 - 4.4 of RFC 5880, Bidirectional Forwarding 
Detection (BFD)." 

DEFVAL { false } 

::= { bfdSessEntry 32 } 


bfdSessAuthenticationType OBJECT-TYPE 

SYNTAX TANAbfdSessAuthenticationTypeTC 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"The authentication type used for this BFD session. 
This field is valid only when the Authentication 
Present bit is set. MAX-ACCESS to this object as well as 
other authentication-related objects are set to 
read-create in order to support management of a single 
key ID at a time; key rotation is not handled. Key update 
in practice must be done by atomic update using a set 
containing all affected objects in the same varBindList 
or otherwise risk the session dropping." 

REFERENCE 
"Sections 4.2 - 4.4 of RFC 5880, Bidirectional Forwarding 
Detection (BFD)." 

DEFVAL { noAuthentication } 

::= { bfdSessEntry 33 } 
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bfdSessAuthenticationKeyID OBJECT-TYPE 

SYNTAX Integer32 (-1 | 0..255) 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"The authentication key ID in use for this session. This 
object permits multiple keys to be active simultaneously. 
The value -1 indicates that no authentication key ID will 
be present in the optional BFD Authentication Section." 

REFERENCE 
"Sections 4.2 - 4.4 of RFC 5880, Bidirectional Forwarding 
Detection (BFD)." 

DEFVAL { -1 } 

::= { bfdSessEntry 34 } 


bfdSessAuthenticationKey OBJECT-TYPE 

SYNTAX TANAbfdSessAuthenticationkeyTC 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"The authentication key. When the 
bfdSessAuthenticationType is simplePassword(1), the value 
of this object is the password present in the BFD packets. 


When the bfdSessAuthenticationType is one of the keyed 
authentication types, this value is used in the 
computation of the key present in the BFD authentication 
packet." 

REFERENCE 
"Sections 4.2 - 4.4 of RFC 5880, Bidirectional Forwarding 
Detection (BFD)." 

::= { bfdSessEntry 35 } 


bfdSessStorageType OBJECT-TYPE 

SYNTAX StorageType 

MAX-ACCESS read-create 

STATUS current 

DESCRIPTION 
"This variable indicates the storage type for this 
object. Conceptual rows having the value 
‘permanent’ need not allow write-access to any 
columnar objects in the row." 

::= { bfdSessEntry 36 } 


bfdSessRowStatus OBJECT-TYPE 


SYNTAX RowStatus 
MAX-ACCESS read-create 
STATUS current 
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DESCRIPTION 
"This variable is used to 


delete a row in this table. 
table has a row in the active(1) 


BFD- 


STD-MIB 


create, modify, and/or 
When a row in this 
state, no 


objects in this row can be modified except the 
bfdSessRowStatus and bfdSessStorageType." 


:= { bfdSessEntry 37 } 
-—- BFD Session Performance Table 


bfdSessPerfTable OBJECT-TYPE 
SYNTAX 
MAX-ACCESS not-accessible 
STATUS current 
DESCRIPTION 
"This table specifies BFD 
::= { bfdObjects 3 } 


bfdSessPerfEntry OBJECT-TYPE 
SYNTAX BfdSessPerfEntry 
MAX-ACCESS not-accessible 
STATUS current 
DESCRIPTION 


SEQUENCE OF BfdSessPerfEntry 


session performance counters." 


"An entry in this table is created by a BFD-enabled node 


for every BFD session. 


bfdSessPerfDiscTime is used to 


indicate potential discontinuity for all counter objects 


in this table." 
AUGMENTS { bfdSessEntry } 
:= { bfdSessPerfTable 1 } 


BfdSessPerfEntry ::= SEQUENCE { 
bfdSessPerfCtrlPktiIn 
bfdSessPerfCtrlPktOut 
bfdSessPerfCtrlPktDrop 
bfdSessPerfCtrlPktDropLastTime 
bfdSessPerfEchoPktIn 
bfdSessPerfEchoPktOut 
bfdSessPerfEchoPktDrop 
bfdSessPerfEchoPktDropLastTime 
bfdSessUpTime 
bfdSessPerfLastSessDownTime 
bfdSessPerfLastCommLostDiag 
bfdSessPerfSessUpCount 
bfdSessPerfDiscTime 


-- High Capacity Counters 
bfdSessPerfCtrlPktInHC 
bfdSessPerfCtrlPktOutHC 
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Counter32, 
Counter32, 
Counter32, 
TimeStamp, 
Counter32, 
Counter32, 
Counter32, 
TimeStamp, 
TimeStamp, 
TimeStamp, 
TANAbfdDiagTC, 
Counter32, 
TimeStamp, 


Counter64, 
Counter64, 
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bfdSessPerfCtrlPktDropHC Counter64, 
bfdSessPerfEchoPktInHC Counter64, 
bfdSessPerfEchoPktOutHC Counter64, 
bfdSessPerfEchoPktDropHC Counter64 


} 


bfdSessPerfCtrlPktIn OBJECT-TYPE 
SYNTAX Counter32 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The total number of BFD control messages received for this 


BFD session. 


It MUST be equal to the least significant 32 bits of 
bfdSessPerfCtrlPktInHC if supported, and MUST do so 
with the rules spelled out in RFC 2863." 

::= { bfdSessPerfEntry 1 } 


bfdSessPerfCtrlPktOut OBJECT-TYPE 
SYNTAX Counter32 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The total number of BFD control messages sent for this BFD 


session. 


It MUST be equal to the least significant 32 bits of 
bfdSessPerfCtrlPktOutHC if supported, and MUST do so 


with the rules spelled out in RFC 2863." 
::= { bfdSessPerfEntry 2 } 


bfdSessPerfCtrlPktDrop OBJECT-TYPE 
SYNTAX Counter32 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"The total number of BFD control messages received for this 


session yet dropped for being invalid. 


It MUST be equal to the least significant 32 bits of 
bfdSessPerfCtrlPktDropHC if supported, and MUST do so 


with the rules spelled out in RFC 2863." 
:= { bfdSessPerfEntry 3 } 


bfdSessPerfCtrlPktDropLastTime OBJECT-TYPE 


SYNTAX TimeStamp 
MAX-ACCESS read-only 
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STATUS current 


DESCRIPTION 
"The value of sysUpTime on the most recent occasion at 


which received the BFD control message for this session was 
dropped. If no such up event exists, this object contains 
a zero value." 

:= { bfdSessPerfEntry 4 } 


bfdSessPerfEchoPktIn OBJECT-TYPE 
SYNTAX Counter32 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 
"The total number of BFD Echo messages received for this 


BFD session. 


It MUST be equal to the least significant 32 bits of 
bfdSessPerfEchoPktInHC if supported, and MUST do so 
with the rules spelled out in RFC 2863." 

::= { bfdSessPerfEntry 5 } 


bfdSessPerfEchoPktOut OBJECT-TYPE 
SYNTAX Counter32 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 
"The total number of BFD Echo messages sent for this BFD 


session. 


It MUST be equal to the least significant 32 bits of 
bfdSessPerfEchoPktOutHC if supported, and MUST do so 
with the rules spelled out in RFC 2863." 

::= { bfdSessPerfEntry 6 } 


bfdSessPerfEchoPktDrop OBJECT-TYPE 
SYNTAX Counter32 
MAX-ACCESS read-only 
STATUS current 


DESCRIPTION 
"The total number of BFD Echo messages received for this 


session yet dropped for being invalid. 


It MUST be equal to the least significant 32 bits of 
bfdSessPerfEchoPktDropHC if supported, and MUST do so 
with the rules spelled out in RFC 2863." 

::= { bfdSessPerfEntry 7 } 


Nadeau, et al. Standards Track [Page 21] 


RFC 7331 BFD-STD-MIB August 2014 


bfdSessPerfEchoPktDropLastTime OBJECT-TYPE 
SYNTAX TimeStamp 
MAX-ACCESS read-only 
STATUS current 


DESCRIPTION 
"The value of sysUpTime on the most recent occasion at 


which received the BFD Echo message for this session was 
dropped. If no such up event has been issued, this 
object contains a zero value." 

::= { bfdSessPerfEntry 8 } 


bfdSessUpTime OBJECT-TYPE 
SYNTAX TimeStamp 
MAX-ACCESS read-only 
STATUS current 


DESCRIPTION 
"The value of sysUpTime on the most recent occasion at which 


the session came up. If no such event has been issued, 
this object contains a zero value." 
::= { bfdSessPerfEntry 9 } 


bfdSessPerfLastSessDownTime OBJECT-TYPE 
SYNTAX TimeStamp 
MAX-ACCESS read-only 
STATUS current 


DESCRIPTION 
"The value of sysUpTime on the most recent occasion at 


which the last time communication was lost with the 
neighbor. If no down event has been issued, this object 
contains a zero value." 

::= { bfdSessPerfEntry 10 } 


bfdSessPerfLastCommLostDiag OBJECT-TYPE 
SYNTAX TANAbfdDiagTC 
MAX-ACCESS read-only 
STATUS current 


DESCRIPTION 
"The BFD diag code for the last time communication was lost 


with the neighbor. If such an event has not been issued, 
this object contains a zero value." 
::= { bfdSessPerfEntry 11 } 


bfdSessPerfSessUpCount OBJECT-TYPE 


SYNTAX Counter32 
MAX-ACCESS read-only 
STATUS current 
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DESCRIPTION 
"The number of times this session has gone into the Up 
state since the system last rebooted." 

::= { bfdSessPerfEntry 12 } 


bfdSessPerfDiscTime OBJECT-TYPE 

SYNTAX TimeStamp 

MAX-ACCESS read-only 

STATUS current 

DESCRIPTION 
"The value of sysUpTime on the most recent occasion at 
which any one or more of the session counters suffered 
a discontinuity. 


The relevant counters are the specific instances associated 
with this BFD session of any Counter32 object contained in 
the BfdSessPerfTable. If no such discontinuities have 
occurred since the last reinitialization of the local 
management subsystem, then this object contains a zero 
value." 

::= { bfdSessPerfEntry 13 } 


bfdSessPerfCtrlPktInHC OBJECT-TYPE 
SYNTAX Counter64 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 


"This value represents 
messages received for 


The least significant 
bfdSessPerfCtrlPktiIn, 
the rules spelled out 


the total number of BFD control 
this BFD session. 


32 bits MUST be equal to 
and MUST do so with 
in RFC 2863." 


::= { bfdSessPerfEntry 14 } 


bfdSessPerfCtrlPktOutHC OBJECT-TYPE 
SYNTAX Counter64 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 
"This value represents the total number of BFD control 
messages transmitted for this BFD session. 


The least significant 32 bits MUST be equal to 
bfdSessPerfCtrlPktOut, and MUST do so with 
the rules spelled out in RFC 2863." 

::= { bfdSessPerfEntry 15 } 
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bfdSessPerfCtrlPktDropHC OBJECT-TYPE 

SYNTAX Counter64 

MAX-ACCESS read-only 

STATUS current 

DESCRIPTION 
"This value represents the total number of BFD control 
messages received for this BFD session yet dropped for 
being invalid. 


The least significant 32 bits MUST be equal to 
bfdSessPerfCtrlPktDrop, and MUST do so with 
the rules spelled out in RFC 2863." 

::= { bfdSessPerfEntry 16 } 


bfdSessPerfEchoPktInHC OBJECT-TYPE 
SYNTAX Counter64 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 
"This value represents the total number of BFD Echo 
messages received for this BFD session. 


The least significant 32 bits MUST be equal to 
bfdSessPerfEchoPktIn, and MUST do so with 
the rules spelled out in RFC 2863." 

::= { bfdSessPerfEntry 17 } 


bfdSessPerfEchoPktOutHC OBJECT-TYPE 
SYNTAX Counter64 
MAX-ACCESS read-only 
STATUS current 
DESCRIPTION 
"This value represents the total number of BFD Echo 
messages transmitted for this BFD session. 


The least significant 32 bits MUST be equal to 
bfdSessPerfEchoPktOut, and MUST do so with 
the rules spelled out in RFC 2863." 

::= { bfdSessPerfEntry 18 } 


bfdSessPerfEchoPktDropHC OBJECT-TYPE 

SYNTAX Counter64 

MAX-ACCESS read-only 

STATUS current 

DESCRIPTION 
"This value represents the total number of BFD Echo 
messages received for this BFD session yet dropped 
for being invalid. 
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The least significant 32 bits MUST be equal to 
bfdSessPerfEchoPktDrop, and MUST do so with 
the rules spelled out in RFC 2863." 

::= { bfdSessPerfEntry 19 } 


—- BFD Session Discriminator Mapping Table 


bfdSessDiscMapTable OBJECT-TYPE 

SYNTAX SEQUENCE OF BfdSessDiscMapEntry 

MAX-ACCESS not-accessible 

STATUS current 

DESCRIPTION 
"The BFD Session Discriminator Mapping Table maps a 
local discriminator value to the associated BFD session’s 
bfdSessIndex found in the bfdSessionTable." 

::= { bfdObjects 4 } 


bfdSessDiscMapEntry OBJECT-TYPE 

SYNTAX BfdSessDiscMapEntry 

MAX-ACCESS not-accessible 

STATUS current 

DESCRIPTION 
"The BFD Session Discriminator Mapping Entry 
specifies a mapping between a local discriminator 
and a BFD session." 

INDEX { bfdSessDiscriminator } 

::= { bfdSessDiscMapTable 1 } 


BfdSessDiscMapEntry ::= SEQUENCE { 
bfdSessDiscMapIndex BfdSessIndexTC 


} 


bfdSessDiscMapIndex OBJECT-TYPE 

SYNTAX BfdSessIndexTC 

MAX-ACCESS read-only 

STATUS current 

DESCRIPTION 
"This object specifies a mapping between a 
local discriminator and a BFD session in 
the BfdSessTable." 

::= { bfdSessDiscMapEntry 1 } 


—- BFD Session IP Mapping Table 


bfdSessIpMapTable OBJECT-TYPE 


SYNTAX SEQUENCE OF BfdSessIpMapEntry 
MAX-ACCESS not-accessible 
STATUS current 
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DESCRIPTION 
"The BFD Session IP Mapping Table maps given 
bfdSessInterface, bfdSessSrcAddrType, bfdSessSrcAddr, 
bfdSessDstAddrType, and bfdSessDstAddr 
to an associated BFD session found in the 
bfdSessionTable." 
:= { bfdobjects 5 } 


bfdSessIpMapEntry OBJECT-TYPE 
SYNTAX BfdSessIpMapEntry 
MAX-ACCESS not-accessible 
STATUS current 
DESCRIPTION 
"The BFD Session IP Map Entry contains a mapping 
from the IP information for a session to the session 
in the bfdSessionTable." 
INDEX { 
bfdSessInterface, 
bfdSessSrcAddrType, 
bfdSessSrcAddr, 
bfdSessDstAddrType, 
bfdSessDstAddr 


::= { bfdSessIpMapTable 1 } 


BfdSessIpMapEntry ::= SEQUENCE { 
bfdSessIpMapIndex BfdSessIndexTC 
} 


bfdSessIpMapIndex OBJECT-TYPE 

SYNTAX BfdSessIndexTC 

MAX-ACCESS read-only 

STATUS current 

DESCRIPTION 
"This object specifies the BfdSessIndexTC referred 
to by the indexes of this row. In essence, a mapping is 
provided between these indexes and the BfdSessTable." 

::= { bfdSessIpMapEntry 1 } 


-—- Notification Configuration 


bfdSessUp NOTIFICATION-TYPE 


OBJECTS { 
bfdSessDiag, -- low range value 
bfdSessDiag -- high range value 
} 
STATUS current 
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DESCRIPTION 


"This notification is generated when the 

bfdSessState object for one or more contiguous 
entries in bfdSessTable are about to enter the up(4) 
state from some other state. The included values of 
bfdSessDiag MUST both be set equal to this 

new state (i.e., up(4)). The two instances of 
bfdSessDiag in this notification indicate the range 
of indexes that are affected. Note that all the indexes 
of the two ends of the range can be derived from the 
instance identifiers of these two objects. For the 
cases where a contiguous range of sessions 

have transitioned into the up(4) state at roughly 
the same time, the device SHOULD issue a single 
notification for each range of contiguous indexes in 
an effort to minimize the emission of a large number 
of notifications. If a notification has to be 
issued for just a single bfdSessEntry, then 

the instance identifier (and values) of the two 
bfdSessDiag objects MUST be identical." 

{ bfdNotifications 1 } 


bfdSessDown NOTIFICATION-TYPE 
OBJECTS { 


} 


bfdSessDiag, -- low range value 
bfdSessDiag -- high range value 


STATUS current 
DESCRIPTION 


Nadeau, 


"This notification is generated when the 
bfdSessState object for one or more contiguous 
entries in bfdSessTable are about to enter the down (2) 


2014 


or adminDown(1) states from some other state. The included 


values of bfdSessDiag MUST both be set equal to this new 
state (i.e., down(2) or adminDown(1)). The two instances 
of bfdSessDiag in this notification indicate the range 

of indexes that are affected. Note that all the indexes 
of the two ends of the range can be derived from the 
instance identifiers of these two objects. For 

cases where a contiguous range of sessions 

have transitioned into the down(2) or adminDown(1) states 


at roughly the same time, the device SHOULD issue a single 


notification for each range of contiguous indexes in 
an effort to minimize the emission of a large number 
of notifications. If a notification has to be 
issued for just a single bfdSessEntry, then 

the instance identifier (and values) of the two 
bfdSessDiag objects MUST be identical." 
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::= { bfdNotifications 2 } 
-—- Module compliance. 


bfdGroups 
OBJECT IDENTIFIER 


{ bfdConformance 1 } 


bfdCompliances 
OBJECT IDENTIFIER 


{ bfdConformance 2 } 


-- Compliance requirement for fully compliant implementations. 


bfdModuleFullCompliance MODULE-COMPLIANCE 
STATUS current 
DESCRIPTION 
"Compliance statement for agents that provide full 
support for the BFD-MIB module. Such devices can 
then be monitored and also be configured using 
this MIB module." 


MODULE -- This module. 


MANDATORY-GROUPS { 
bfdSessionGroup, 
bfdSessionReadOnlyGroup, 
bfdSessionPerfGroup, 
bfdNotificationGroup 

} 


GROUP bfdSessionPerfHCGroup 
DESCRIPTION "This group is mandatory for all systems that 
are able to support the Counter64 date type." 


OBJECT bfdSessSrcAddrType 
SYNTAX InetAddressType { unknown(0), ipv4(1), 
ipv6 (2), ipvéz(4) } 
DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2), and ipvé6z (4) 
support are required. ipv4z(3) is not required, 
and dns(16) is not allowed." 


OBJECT bfdSessSrcAddr 

SYNTAX InetAddress (SIZE (0|4|16|20)) 

DESCRIPTION "An implementation is only required to support 
unknown (0), ipv4(1), ipv6(2), and ipv6z(4) sizes." 


OBJECT bfdSessDstAddrType 


SYNTAX InetAddressType { unknown(0), ipv4(1), 
ipv6 (2), ipvéz(4) } 
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DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2), and ipvé6z (4) 
support are required. ipv4z(3) is not required, 
and dns(16) is not allowed." 


OBJECT bfdSessDstAddr 

SYNTAX InetAddress (SIZE (0|4|16|20)) 

DESCRIPTION "An implementation is only required to support 
unknown (0), ipv4(1), ipv6(2), and ipv6z(4) sizes." 


OBJECT bfdSessRowStatus 
SYNTAX RowStatus { active(l), notInService(2) } 
WRITE-SYNTAX RowStatus { active(1), notInService(2), 
createAndGo (4), destroy(6) } 
DESCRIPTION "Support for createAndWait and notReady is not 
required." 


::= { bfdCompliances 1 } 


bfdModuleReadOnlyCompliance MODULE-COMPLIANCE 
STATUS current 
DESCRIPTION 
"Compliance requirement for implementations that only 
provide read-only support for BFD-MIB. Such devices 
can then be monitored but cannot be configured using 
this MIB module." 


MODULE -- This module. 


MANDATORY-GROUPS { 
bfdSessionGroup, 
bfdSessionReadOnlyGroup, 
bfdSessionPerfGroup, 
bfdNotificationGroup 

} 


GROUP bfdSessionPerfHCGroup 
DESCRIPTION "This group is mandatory for all systems that 
are able to support the Counter64 date type." 


OBJECT bfdSessVersionNumber 
MIN-ACCESS read-only 
DESCRIPTION "Write access is not required." 


OBJECT bfdSessType 


MIN-ACCESS read-only 
DESCRIPTION "Write access is not required." 
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OBJECT bfdSessDiscriminator 

MIN-ACCESS read-only 

DESCRIPTION "Write access is not required." 

OBJECT bfdSessDestinationUdpPort 

MIN-ACCESS read-only 

DESCRIPTION "Write access is not required." 

OBJECT bfdSessSourceUdpPort 

MIN-ACCESS read-only 

DESCRIPTION "Write access is not required." 

OBJECT bfdSessEchoSourceUdpPort 

MIN-ACCESS read-only 

DESCRIPTION "Write access is not required." 

OBJECT bfdSessAdminStatus 

MIN-ACCESS read-only 

DESCRIPTION "Write access is not required." 

OBJECT bfdSessOperMode 

MIN-ACCESS read-only 

DESCRIPTION "Write access is not required." 

OBJECT bfdSessDemandModeDesiredFlag 

MIN-ACCESS read-only 

DESCRIPTION "Write access is not required." 

OBJECT bfdSessControlPlaneIndepFlag 

MIN-ACCESS read-only 

DESCRIPTION "Write access is not required." 

OBJECT bfdSessMultipointFlag 

MIN-ACCESS read-only 

DESCRIPTION "Write access is not required." 

OBJECT bfdSessInterface 

MIN-ACCESS read-only 

DESCRIPTION "Write access is not required." 

OBJECT bfdSessSrcAddrType 

SYNTAX InetAddressType { unknown(0), ipv4(1 
ipv6(2), ipv6z (4) 

MIN-ACCESS read-only 
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DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2), and ipvé6z (4) 
support are required. ipv4z(3) is not required, 
and dns(16) is not allowed." 
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OBJECT bfdSessSrcAddr 
SYNTAX InetAddress (SIZE (0|4|16|20)) 
MIN-ACCESS read-only 


DESCRIPTION "An implementation is only required to support 
unknown (0), ipv4(1), ipv6(2), and ipv6z(4) sizes." 


OBJECT bfdSessDstAddrType 

SYNTAX InetAddressType { unknown(0), ipv4(1), 
ipv6(2), ipvéz(4) } 

MIN-ACCESS read-only 


DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2), and ipv6z (4) 
support are required. ipv4z(3) is not required, 


and dns(16) is not allowed." 


OBJECT bfdSessDstAddr 

SYNTAX InetAddress (SIZE (0|4|16|20)) 

MIN-ACCESS read-only 

DESCRIPTION "An implementation is only required to support 
unknown (0), ipv4(1), ipv6(2), and ipv6z(4) sizes." 

OBJECT bfdSessGTSM 

MIN-ACCESS read-only 

DESCRIPTION "Write access is not required." 

OBJECT bfdSessGTSMTTL 

MIN-ACCESS read-only 

DESCRIPTION "Write access is not required." 

OBJECT bfdSessDesiredMinTxInterval 

MIN-ACCESS read-only 

DESCRIPTION "Write access is not required." 

OBJECT bfdSessReqMinRxInterval 

MIN-ACCESS read-only 

DESCRIPTION "Write access is not required." 

OBJECT bfdSessReqMinEchoRxInterval 

MIN-ACCESS read-only 

DESCRIPTION "Write access is not required." 

OBJECT bfdSessDetectMult 

MIN-ACCESS read-only 

DESCRIPTION "Write access is not required." 

OBJECT bfdSessAuthPresFlag 

MIN-ACCESS read-only 

DESCRIPTION "Write access is not required." 
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OBJECT 
MIN-ACCESS 
DESCRIPTION 


OBJECT 
MIN-ACCESS 
DESCRIPTION 


OBJECT 
MIN-ACCESS 
DESCRIPTION 


OBJECT 
MIN-ACCESS 
DESCRIPTION 


OBJECT 
SYNTAX 
MIN-ACCESS 
DESCRIPTION 
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bfdSessAuthenticationType 
read-only 


"Write access is not required. 


bfdSessAuthenticationKeyID 
read-only 


"Write access is not required. 


bfdSessAuthenticationKkey 
read-only 


"Write access is not required. 


bfdSessStorageType 
read-only 


"Write access is not required. 


bfdSessRowStatus 
RowStatus { active(1) } 
read-only 


"Write access is not required. 


:= { bfdCompliances 2 } 


-- Units of conformance. 


bfdSessionGroup OBJECT-GROUP 


OBJECTS { 


bfdAdminStatus, 
bfdOperStatus, 
bfdNotificationsEnable, 
bfdSessVersionNumber, 
bfdSessType, 
bfdSessIndexNext, 
bfdSessDiscriminator, 
bfdSessDestinationUdpPort, 
bfdSessSourceUdpPort, 
bfdSessEchoSourceUdpPort, 
bfdSessAdminStatus, 
bfdSessOperStatus, 
bfdSessOperMode, 
bfdSessDemandModeDesiredFlag, 
bfdSessControlPlaneIndepFlag, 
bfdSessMultipointFlag, 
bfdSessInterface, 
bfdSessSrcAddrType, 
bfdSessSrcAddr, 
bfdSessDstAddrType, 
bfdSessDstAddr, 
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bfdSessGTSM, 
bfdSessGTSMTTL, 
bfdSessDesiredMinTxInterval, 
bfdSessReqMinRxInterval, 
bfdSessReqMinEchoRxInterval, 
bfdSessDetectMult, 
bfdSessAuthPresFlag, 
bfdSessAuthenticationType, 
bfdSessAuthenticationKkeyID, 
bfdSessAuthenticationkey, 
bfdSessStorageType, 
bfdSessRowStatus 

} 

STATUS current 

DESCRIPTION 
"Collection of objects needed for BFD sessions." 

::= { bfdGroups 1 } 


bfdSessionReadOnlyGroup OBJECT-GROUP 

OBJECTS { 
bfdSessRemoteDiscr, 
bfdSessState, 
bfdSessRemoteHeardFlag, 
bfdSessDiag, 
bfdSessNegotiatedInterval, 
bfdSessNegotiatedEchoInterval, 
bfdSessNegotiatedDetectMult, 
bfdSessDiscMapIndex, 
bfdSessIpMapIndex 

} 

STATUS current 

DESCRIPTION 
"Collection of read-only objects needed for BFD sessions." 

::= { bfdGroups 2 } 


bfdSessionPerfGroup OBJECT-—GROUP 
OBJECTS { 

bfdSessPerfCtrlPktIn, 
bfdSessPerfCtrilPktOut, 
bfdSessPerfCtrlPktDrop, 
bfdSessPerfCtrlPktDropLastTime, 
bfdSessPerfEchoPktIin, 
bfdSessPerfEchoPktOut, 
bfdSessPerfEchoPktDrop, 
bfdSessPerfEchoPktDropLastTime, 
bfdSessUpTime, 
bfdSessPerfLastSessDownTime, 
bfdSessPerfLastCommLostDiag, 
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bfdSessPerfSessUpCount, 
bfdSessPerfDiscTime 

} 

STATUS current 

DESCRIPTION 
"Collection of objects needed to monitor the 
performance of BFD sessions." 

:= { bfdGroups 3 } 


bfdSessionPerfHCGroup OBJECT-—GROUP 
OBJECTS { 
bfdSessPerfCtrlPktInHC, 
bfdSessPerfCtrlPktOutHC, 
bfdSessPerfCtrlPktDropHC, 
bfdSessPerfEchoPktInHC, 
bfdSessPerfEchoPktOutHC, 
bfdSessPerfEchoPktDropHC 


STATUS current 

DESCRIPTION 
"Collection of objects needed to monitor the 
performance of BFD sessions for which the 
values of bfdSessPerfPktIn and bfdSessPerfPktOut 
wrap around too quickly." 

::= { bfdGroups 4 } 


bfdNotificationGroup NOTIFICATION-GROUP 

NOTIFICATIONS { 
bfdSessUp, 
bfdSessDown 

} 

STATUS current 

DESCRIPTION 
"Set of notifications implemented in this 
module." 

:= { bfdGroups 5 } 


END 
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6. Security Considerations 


As BFD may be tied into the stability of the network infrastructure 
(such as routing protocols), the effects of an attack on a BFD 
session may be very serious. This ultimately has denial-of-service 
effects, as links may be declared to be down (or falsely declared to 
be up.) As such, improper manipulation of the objects represented by 
this MIB may result in denial of service to a large number of end 
users. 


There are a number of management objects defined in this MIB module 
with a MAX-ACCESS clause of read-write and/or read-create. Such 
objects may be considered sensitive or vulnerable in some network 
environments. The support for SET operations in a non-secure 
environment without proper protection can have a negative effect on 
network operations. These are the tables and objects and their 
sensitivity/vulnerability: 


o bfdAdminStatus -- Improper change of bfdAdminStatus, to 
disabled(2), adminDown(3), or down(4), can cause significant 
disruption of the connectivity to those portions of the Internet 
reached via all the applicable remote BFD peers. 


o bfdSessAdminStatus -- Improper change of bfdSessAdminStatus, to 
disabled(2), adminDown(3), or down(4), can cause significant 
disruption of the connectivity to those portions of the Internet 
reached via all the applicable remote BFD peers. 


o bfdSessDesiredMinTxInterval, bfdSessReqMinRxInterval, 
bfdSessReqMinEchoRxInterval, bfdSessDetectMult -- Improper change 
of this object can cause connections to be disrupted for extremely 
long time periods when otherwise they would be restored in a 
relatively short period of time. 


o Some management objects define the BFD session whilst other 
management objects define the parameter of the BFD session. It is 
particularly important to control the support for SET access to 
those management objects that define the BFD session, as changes 
to them can be disruptive. Implementation SHOULD NOT allow 
changes to following management objects when bfdSessState is 
up (4): 


* bfdSessVersionNumber 
* bfdSessType 


* bfdSessDestinationUdpPort 
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* bfdSessMultipointFlag 
* bfdSessInterface 

* bfdSessSrcAddrType 

* bfdSessSrcAddr 

* bfdSessDstAddrType 

* bfdSessDstAddr 


There are a number of management objects defined in this MIB module 
with a MAX-ACCESS clause of read-write and/or read-create. Such 
objects may be considered sensitive or vulnerable in some network 
environments. It is thus important to control even GET and/or NOTIFY 
access to these objects and possibly to even encrypt the values of 
these objects when sending them over the network via SNMP. 


o The bfdSessTable may be used to directly configure BFD sessions. 
The bfdSessMapTable can be used indirectly in the same way. 
Unauthorized access to objects in this table could result in 
disruption of traffic on the network. This is especially true if 
an unauthorized user configures enough tables to invoke a 
denial-of-service attack on the device where they are configured, 
or on a remote device where the sessions terminate. 


Some of the readable objects in this MIB module (i.e., objects with a 
MAX-ACCESS other than not-accessible) may be considered sensitive or 
vulnerable in some network environments. It is thus important to 
control even GET and/or NOTIFY access to these objects and possibly 
to even encrypt the values of these objects when sending them over 
the network via SNMP. These are the tables and objects and their 
sensitivity/vulnerability: 


o The bfdSessPerfTable allows access to the performance 
characteristics of BFD sessions. Network administrators not 
wishing to show this information should consider this table 
sensitive. 


The bfdSessAuthenticationType, bfdSessAuthenticationKeyID, and 
bfdSessAuthenticationKkKey objects hold security methods and associated 
security keys of BFD sessions. These objects are highly sensitive. 
In order to prevent this sensitive information from being improperly 
accessed, implementers SHOULD disallow access to these objects. 


SNMP versions prior to SNMPv3 did not include adequate security. 
Even if the network itself is secure (for example by using IPsec), 
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even then, there is no control as to who on the secure network is 
allowed to access and GET/SET (read/change/create/delete) the objects 
in this MIB module. 


It is RECOMMENDED that implementers consider the security features as 
provided by the SNMPv3 framework (see [RFC3410]), including full 
support for the SNMPv3 cryptographic mechanisms (for authentication 
and privacy). 


Further, deployment of SNMP versions prior to SNMPv3 is NOT 
RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to 
enable cryptographic security. It is then a customer/operator 
responsibility to ensure that the SNMP entity giving access to an 
instance of this MIB module is properly configured to give access to 
the objects only to those principals (users) that have legitimate 
rights to indeed GET or SET (change/create/delete) them. 


7. IANA Considerations 


The MIB module in this document uses the following IANA-assigned 
OBJECT IDENTIFIER value recorded in the "SMI Network Management MGMT 
Codes" registry: 


Descriptor OBJECT IDENTIFIER value 


bfdMIB { mib-2 222 } 
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